Preventing foreign initiated fraudulent or unauthorized use of calling service

ABSTRACT

Novel tools and techniques are provided for implementing prevention of foreign initiated fraudulent or unauthorized use of calling service. In various embodiments, a computing system might receive, from a first user device associated with an originating party, a request to access a first account of a calling system and an access code. Based on a determination that the received access code is valid, the computing system might determine whether the first user device associated with the originating party is located in a foreign country. If so, the computing system might determine whether a database contains a configurable flag indicating that international access is not allowed for the first account. If so, the computing system might initiate one or more first actions. If not, the computing system might provide the first user device with access to the first account of the calling system.

COPYRIGHT STATEMENT

A portion of the disclosure of this patent document contains materialthat is subject to copyright protection. The copyright owner has noobjection to the facsimile reproduction by anyone of the patent documentor the patent disclosure as it appears in the Patent and TrademarkOffice patent file or records, but otherwise reserves all copyrightrights whatsoever.

FIELD

The present disclosure relates, in general, to methods, systems, andapparatuses for implementing monitoring, detection, and/or prevention offraudulent or unauthorized use, and, more particularly, to methods,systems, and apparatuses for implementing prevention of foreigninitiated fraudulent or unauthorized use of calling service.

BACKGROUND

In conventional calling systems or networks (e.g., voice communicationssystems, video communications systems, telephone conference systems,video conferencing systems, or multimedia communications systems, and/orthe like), fraudulent and/or unauthorized usage is rampant and mostlyunchecked. For example, in conventional calling systems or networks, itis difficult to identify fraudulent and/or unauthorized usage (e.g.,users guessing a chairperson or leader code or personal identificationnumber (“PIN”) after already identifying a valid telephone conferenceaccount; a user(s) using the calling systems or networks to initiatebulk calls, robocalls, denial of service (“DoS”) attacks; a user(s)using the calling systems or networks to hide their identity; a user(s)using the calling systems or networks to bypass long distance or othertelephone charges; etc.), particularly by originating parties located inforeign countries.

Hence, there is a need for more robust and scalable solutions forimplementing monitoring, detection, and/or prevention of fraudulent orunauthorized use, and, more particularly, to methods, systems, andapparatuses for implementing prevention of foreign initiated fraudulentor unauthorized use of calling service.

BRIEF DESCRIPTION OF THE DRAWINGS

A further understanding of the nature and advantages of particularembodiments may be realized by reference to the remaining portions ofthe specification and the drawings, in which like reference numerals areused to refer to similar components. In some instances, a sub-label isassociated with a reference numeral to denote one of multiple similarcomponents. When reference is made to a reference numeral withoutspecification to an existing sub-label, it is intended to refer to allsuch multiple similar components.

FIG. 1 is a schematic diagram illustrating a system for implementingprevention of foreign initiated fraudulent or unauthorized use ofcalling service, in accordance with various embodiments.

FIG. 2 is a schematic flow diagram illustrating a method forimplementing prevention of foreign initiated fraudulent or unauthorizeduse of calling service, in accordance with various embodiments.

FIG. 3 is a schematic diagram illustrating a non-limiting example of useof a trunking bridge for a telephone conference system or voice networkfor which prevention of foreign initiated fraudulent or unauthorized useof calling service may be implemented, in accordance with variousembodiments.

FIGS. 4A-4C are flow diagrams illustrating a method for implementingprevention of foreign initiated fraudulent or unauthorized use ofcalling service, in accordance with various embodiments.

FIG. 5 is a block diagram illustrating an exemplary computer or systemhardware architecture, in accordance with various embodiments.

FIG. 6 is a block diagram illustrating a networked system of computers,computing systems, or system hardware architecture, which can be used inaccordance with various embodiments.

DETAILED DESCRIPTION OF CERTAIN EMBODIMENTS

Overview

Various embodiments provide tools and techniques for implementingmonitoring, detection, and/or prevention of fraudulent or unauthorizeduse, and, more particularly, to methods, systems, and apparatuses forimplementing prevention of foreign initiated fraudulent or unauthorizeduse of calling service.

In various embodiments, a computing system might receive, from a firstuser device associated with an originating party, a request to access afirst account of the calling system. The computing system might receive,from the first user device, an access code. The computing system mightdetermine whether the received access code is valid for the firstaccount of the calling system. Based on a determination that thereceived access code is valid, the computing system might determinewhether the first user device associated with the originating party islocated in a foreign country (e.g., a country external to the country inwhich the calling system is primarily located or in which a core of thecalling system is located, or the like). Based on a determination thatthe first user device associated with the originating party is locatedin a foreign country, the computing system might determine whether adatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account. Based on a determinationthat the database contains a configurable flag indicating thatinternational access is not allowed for the first account, the computingsystem might initiate one or more first actions. Based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount or that the database contains a configurable flag indicatingthat international access is allowed for the first account, thecomputing system might provide the first user device with access to thefirst account of the calling system. Based on a determination that thereceived access code is not valid, the computing system might blockaccess to the first account of the calling system by the first userdevice.

In some embodiments, based on a determination that the received accesscode is valid, based on a determination that the database does notcontain a configurable flag indicating that international access is notallowed for the first account, and based on a determination that thedatabase does not already contain a configurable flag indicating thatinternational access is allowed for the first account, the computingsystem might add a configurable flag indicating that internationalaccess is allowed for the first account. In some cases, receiving therequest to access the first account of the calling system might comprisereceiving, from the first user device associated with the originatingparty via an application programming interface (“API”), a request toaccess the first account of the calling system. In some instances,receiving the request to access the first account of the calling systemmight comprise receiving, from the first user device associated with theoriginating party via a web service, a request to access the firstaccount of the calling system.

According to some embodiments, the computing system might receive, froma user device of a chairperson associated with the first account via oneof an API or an interactive voice response (“IVR”) system (not shown),commands to modify configuration settings associated with the firstaccount of the calling system. In some cases, the configuration settingsmight include, without limitation, one of: permitting all internationalaccess; denying all international access; permitting internationalaccess when the chairperson is logged into the first account; or sendinga prompt to the chairperson requesting whether or not to permitinternational access when the chairperson is not logged into the firstaccount; and/or the like.

In some embodiments, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account might include, without limitation, one of:querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an API, a web service todetermine whether the database contains a configurable flag indicatingthat international access is not allowed for the first account.According to some embodiments, initiating the one or more first actionsmight include, but is not limited to, one of: blocking access to thefirst account of the calling system by the first user device; promptingthe first user device to enter a valid access code until a number ofattempts exceeds an allowed number, simulating failed access code entry;based on a determination that a chairperson associated with the firstaccount is logged into the first account, providing the first userdevice with access to the first account of the calling system; or basedon a determination that a chairperson associated with the first accountis logged into the first account, sending a prompt to the chairpersonrequesting whether or not to permit the first user device to access thefirst account; and/or the like.

These and other aspects of the prevention of foreign initiatedfraudulent or unauthorized use of calling service are described ingreater detail with respect to the figures.

The following detailed description illustrates a few exemplaryembodiments in further detail to enable one of skill in the art topractice such embodiments. The described examples are provided forillustrative purposes and are not intended to limit the scope of theinvention.

In the following description, for the purposes of explanation, numerousspecific details are set forth in order to provide a thoroughunderstanding of the described embodiments. It will be apparent to oneskilled in the art, however, that other embodiments of the presentinvention may be practiced without some of these specific details. Inother instances, certain structures and devices are shown in blockdiagram form. Several embodiments are described herein, and whilevarious features are ascribed to different embodiments, it should beappreciated that the features described with respect to one embodimentmay be incorporated with other embodiments as well. By the same token,however, no single feature or features of any described embodimentshould be considered essential to every embodiment of the invention, asother embodiments of the invention may omit such features.

Unless otherwise indicated, all numbers used herein to expressquantities, dimensions, and so forth used should be understood as beingmodified in all instances by the term “about.” In this application, theuse of the singular includes the plural unless specifically statedotherwise, and use of the terms “and” and “or” means “and/or” unlessotherwise indicated. Moreover, the use of the term “including,” as wellas other forms, such as “includes” and “included,” should be considerednon-exclusive. Also, terms such as “element” or “component” encompassboth elements and components comprising one unit and elements andcomponents that comprise more than one unit, unless specifically statedotherwise.

Various embodiments described herein, while embodying (in some cases)software products, computer-performed methods, and/or computer systems,represent tangible, concrete improvements to existing technologicalareas, including, without limitation, teleconferencing or telephoneconferencing technology, telephone conference or voice networkmonitoring technology, call connection technology, call monitoringtechnology, and/or the like. In other aspects, certain embodiments, canimprove the functioning of user equipment or systems themselves (e.g.,teleconferencing or telephone conferencing systems, telephone conferenceor voice network monitoring systems, call connection system, callmonitoring system, etc.), for example, by receiving, with a computingsystem of a calling system and from a first user device associated withan originating party, a request to access a first account of the callingsystem; receiving, with the computing system and from the first userdevice, an access code; determining, with the computing system, whetherthe received access code is valid for the first account of the callingsystem; based on a determination that the received access code is valid,determining, with the computing system, whether the first user deviceassociated with the originating party is located in a foreign country;based on a determination that the first user device associated with theoriginating party is located in a foreign country, determining, with thecomputing system, whether a database contains a configurable flagindicating that international access is not allowed for the firstaccount; based on a determination that the database contains aconfigurable flag indicating that international access is not allowedfor the first account, initiating one or more first actions; based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount or that the database contains a configurable flag indicatingthat international access is allowed for the first account, providingthe first user device with access to the first account of the callingsystem; and/or the like.

In particular, to the extent any abstract concepts are present in thevarious embodiments, those concepts can be implemented as describedherein by devices, software, systems, and methods that involve specificnovel functionality (e.g., steps or operations), such as, by receiving,with a computing system of a calling system and from a first user deviceassociated with an originating party, a request to access a firstaccount of the calling system; receiving, with the computing system andfrom the first user device, an access code; determining, with thecomputing system, whether the received access code is valid for thefirst account of the calling system; based on a determination that thereceived access code is valid, determining, with the computing system,whether the first user device associated with the originating party islocated in a foreign country; based on a determination that the firstuser device associated with the originating party is located in aforeign country, determining, with the computing system, whether adatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account; based on a determinationthat the database contains a configurable flag indicating thatinternational access is not allowed for the first account, initiatingone or more first actions; based on a determination that the databasedoes not contain a configurable flag indicating that internationalaccess is not allowed for the first account or that the databasecontains a configurable flag indicating that international access isallowed for the first account, providing the first user device withaccess to the first account of the calling system; and/or the like, toname a few examples, that extend beyond mere conventional computerprocessing operations. These functionalities can produce tangibleresults outside of the implementing computer system, including, merelyby way of example, optimized monitoring and tracking of usage of callingsystems or telephone conference systems or voice networks to detectfraudulent or unauthorized usage and to implement actions to address thedetected fraudulent or unauthorized usage, and/or the like, particularlyby originating parties located in a foreign country, at least some ofwhich may be observed or measured by customers and/or service providers.

In an aspect, a method might comprise receiving, with a computing systemof a calling system and from a first user device associated with anoriginating party, a request to access a first account of the callingsystem; receiving, with the computing system and from the first userdevice, an access code; determining, with the computing system, whetherthe received access code is valid for the first account of the callingsystem; based on a determination that the received access code is valid,determining, with the computing system, whether the first user deviceassociated with the originating party is located in a foreign country;based on a determination that the first user device associated with theoriginating party is located in a foreign country, determining, with thecomputing system, whether a database contains a configurable flagindicating that international access is not allowed for the firstaccount; based on a determination that the database contains aconfigurable flag indicating that international access is not allowedfor the first account, initiating one or more first actions; based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount or that the database contains a configurable flag indicatingthat international access is allowed for the first account, providingthe first user device with access to the first account of the callingsystem.

In some embodiments, the computing system might comprise at least one ofa call server, a network switch, a network hub, a network node, a voicecommunications system, a video communications system, a multimediacommunications system, or a teleconferencing system, and/or the like. Insome cases, the database might be at least one of communicativelycoupled to the computing system, communicatively coupled to the callingsystem, located local to the computing system, or located remote to thecomputing system, and/or the like.

According to some embodiments, the method might comprise, based on adetermination that the received access code is valid, based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount, and based on a determination that the database does not alreadycontain a configurable flag indicating that international access isallowed for the first account, adding a configurable flag indicatingthat international access is allowed for the first account.

In some instances, receiving the request to access the first account ofthe calling system might comprise receiving, with the computing systemof the calling system and from the first user device associated with theoriginating party via an application programming interface (“API”), arequest to access the first account of the calling system.Alternatively, or additionally, receiving the request to access thefirst account of the calling system might comprise receiving, with thecomputing system of the calling system and from the first user deviceassociated with the originating party via a web service, a request toaccess the first account of the calling system.

In some embodiments, the method might comprise receiving, with thecomputing system and from a user device of a chairperson associated withthe first account via one of an application programming interface(“API”) or an interactive voice response (“IVR”) system, commands tomodify configuration settings associated with the first account of thecalling system. In some cases, the configuration settings might compriseone of: permitting all international access; denying all internationalaccess; permitting international access when the chairperson is loggedinto the first account; or sending a prompt to the chairpersonrequesting whether or not to permit international access when thechairperson is not logged into the first account; and/or the like.

According to some embodiments, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account might include, without limitation, one of:querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an API, a web service todetermine whether the database contains a configurable flag indicatingthat international access is not allowed for the first account. In someembodiments, initiating the one or more first actions might comprise oneof: blocking access to the first account of the calling system by thefirst user device; prompting the first user device to enter a validaccess code until a number of attempts exceeds an allowed number,simulating failed access code entry; based on a determination that achairperson associated with the first account is logged into the firstaccount, providing the first user device with access to the firstaccount of the calling system; or based on a determination that achairperson associated with the first account is logged into the firstaccount, sending a prompt to the chairperson requesting whether or notto permit the first user device to access the first account; and/or thelike.

In another aspect, an apparatus might comprise at least one processorand a non-transitory computer readable medium communicatively coupled tothe at least one processor. The non-transitory computer readable mediummight have stored thereon computer software comprising a set ofinstructions that, when executed by the at least one processor, causesthe apparatus to: receive, from a first user device associated with anoriginating party, a request to access a first account of the callingsystem; receive, from the first user device, an access code; determinewhether the received access code is valid for the first account of thecalling system; based on a determination that the received access codeis valid, determine whether the first user device associated with theoriginating party is located in a foreign country; based on adetermination that the first user device associated with the originatingparty is located in a foreign country, determine whether a databasecontains a configurable flag indicating that international access is notallowed for the first account; based on a determination that thedatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account, initiate one or more firstactions; based on a determination that the database does not contain aconfigurable flag indicating that international access is not allowedfor the first account or that the database contains a configurable flagindicating that international access is allowed for the first account,provide the first user device with access to the first account of thecalling system.

According to some embodiments, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account might include, without limitation, one of:querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an API, a web service todetermine whether the database contains a configurable flag indicatingthat international access is not allowed for the first account. In someembodiments, initiating the one or more first actions might comprise oneof: blocking access to the first account of the calling system by thefirst user device; prompting the first user device to enter a validaccess code until a number of attempts exceeds an allowed number,simulating failed access code entry; based on a determination that achairperson associated with the first account is logged into the firstaccount, providing the first user device with access to the firstaccount of the calling system; or based on a determination that achairperson associated with the first account is logged into the firstaccount, sending a prompt to the chairperson requesting whether or notto permit the first user device to access the first account; and/or thelike.

In yet another aspect, a system might comprise a computing system, whichmight comprise at least one first processor and a first non-transitorycomputer readable medium communicatively coupled to the at least onefirst processor. The first non-transitory computer readable medium mighthave stored thereon computer software comprising a first set ofinstructions that, when executed by the at least one first processor,causes the computing system to: receive, from a first user deviceassociated with an originating party, a request to access a firstaccount of the calling system; receive, from the first user device, anaccess code; determine whether the received access code is valid for thefirst account of the calling system; based on a determination that thereceived access code is valid, determine whether the first user deviceassociated with the originating party is located in a foreign country;based on a determination that the first user device associated with theoriginating party is located in a foreign country, determine whether adatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account; based on a determinationthat the database contains a configurable flag indicating thatinternational access is not allowed for the first account, initiate oneor more first actions; based on a determination that the database doesnot contain a configurable flag indicating that international access isnot allowed for the first account or that the database contains aconfigurable flag indicating that international access is allowed forthe first account, provide the first user device with access to thefirst account of the calling system.

In some embodiments, the computing system might comprise at least one ofa call server, a network switch, a network hub, a network node, a voicecommunications system, a video communications system, a multimediacommunications system, or a teleconferencing system, and/or the like. Insome cases, the database is at least one of communicatively coupled tothe computing system, communicatively coupled to the calling system,located local to the computing system, or located remote to thecomputing system, and/or the like.

According to some embodiments, the first set of instructions, whenexecuted by the at least one first processor, might further cause thecomputing system to: based on a determination that the received accesscode is valid, based on a determination that the database does notcontain a configurable flag indicating that international access is notallowed for the first account, and based on a determination that thedatabase does not already contain a configurable flag indicating thatinternational access is allowed for the first account, add aconfigurable flag indicating that international access is allowed forthe first account.

In some embodiments, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account might include, without limitation, one of:querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an API, a web service todetermine whether the database contains a configurable flag indicatingthat international access is not allowed for the first account.According to some embodiments, initiating the one or more first actionsmight comprise one of: blocking access to the first account of thecalling system by the first user device; prompting the first user deviceto enter a valid access code until a number of attempts exceeds anallowed number, simulating failed access code entry; based on adetermination that a chairperson associated with the first account islogged into the first account, providing the first user device withaccess to the first account of the calling system; or based on adetermination that a chairperson associated with the first account islogged into the first account, sending a prompt to the chairpersonrequesting whether or not to permit the first user device to access thefirst account; and/or the like.

Various modifications and additions can be made to the embodimentsdiscussed without departing from the scope of the invention. Forexample, while the embodiments described above refer to particularfeatures, the scope of this invention also includes embodiments havingdifferent combination of features and embodiments that do not includeall of the above described features.

Specific Exemplary Embodiments

We now turn to the embodiments as illustrated by the drawings. FIGS. 1-6illustrate some of the features of the method, system, and apparatus forimplementing monitoring, detection, and/or prevention of fraudulent orunauthorized use, and, more particularly, to methods, systems, andapparatuses for implementing prevention of foreign initiated fraudulentor unauthorized use of calling service, as referred to above. Themethods, systems, and apparatuses illustrated by FIGS. 1-6 refer toexamples of different embodiments that include various components andsteps, which can be considered alternatives or which can be used inconjunction with one another in the various embodiments. The descriptionof the illustrated methods, systems, and apparatuses shown in FIGS. 1-6is provided for purposes of illustration and should not be considered tolimit the scope of the different embodiments.

With reference to the figures, FIG. 1 is a schematic diagramillustrating a system 100 for implementing prevention of foreigninitiated fraudulent or unauthorized use of calling service, inaccordance with various embodiments.

In the non-limiting embodiment of FIG. 1, system 100 might comprise oneor more calling devices 105 that are associated with or used bycorresponding one or more originating parties 110 to initiate a call orcall session with one or more called devices 115 that are associatedwith or used by corresponding one or more destination parties 120 a-120n (collectively, “destination parties 120” or the like) using a callingsystem or telephone conference system or voice network 125 over one ormore networks 130 a-130 n (collectively, “networks 130” or the like).According to some embodiments, the call or call session might be a callor call session between two parties or among three or more parties overa conference platform, such as a conference bridge or the like providedby the calling system or telephone conference system or voice network125, and may include, without limitation, at least one of a voice callsession, a video call session, a teleconferencing call session, a videoconferencing call session, a multimedia call session, a voice onlyconference call, a video conference call (with voice functionality), avoice over Internet protocol (“VoIP”) conference call, a web-based orInternet based video conference call, and/or the like. The one or morecalling devices 105 might include, but is not limited to, at least oneof a telephone 105 a, a smart phone 105 b, a mobile phone 105 c, atablet computer (not shown), a laptop computer (not shown), a wearabledevice (not shown), or the like. Similarly, the one or more calleddevices 115 might include, without limitation, at least one of atelephone 115 a, a smart phone 115 b, a mobile phone 115 c, a tabletcomputer (not shown), a laptop computer (not shown), a wearable device(not shown), or the like.

In some cases, the one or more networks 130 might each include a localarea network (“LAN”), including, without limitation, a fiber network, anEthernet network, a Token-Ring™ network, and/or the like; a wide-areanetwork (“WAN”); a wireless wide area network (“WWAN”); a virtualnetwork, such as a virtual private network (“VPN”); the Internet; anintranet; an extranet; a public switched telephone network (“PSTN”); aninfra-red network; a wireless network, including, without limitation, anetwork operating under any of the IEEE 802.11 suite of protocols, theBluetooth™ protocol known in the art, and/or any other wirelessprotocol; and/or any combination of these and/or other networks. In aparticular embodiment, the network(s) 130 might include an accessnetwork of the service provider (e.g., an Internet service provider(“ISP”)). In another embodiment, the network(s) 130 might include a corenetwork of the service provider, and/or the Internet.

In some embodiments, system 100 might further comprise computing system145 a and corresponding database(s) 150 a as well as computing system145 b and corresponding database(s) 150 b. Computing system 145 a andcorresponding database(s) 150 a might be disposed external to callingsystem or telephone conference system or voice network 125, whilecomputing system 145 b and corresponding database(s) 150 b might bedisposed within calling system or telephone conference system or voicenetwork 125. According to some embodiments, the computing system 145 aor 145 b might include, without limitation, at least one of a callserver, a network switch, a network hub, a network node, a voicecommunications system, a video communications system, a multimediacommunications system, or a teleconferencing system, and/or the like. Insome embodiments, the database(s) 150 a or 150 b might include, but isnot limited to, at least one of communicatively coupled to the computingsystem, communicatively coupled to the calling system, located local tothe computing system, or located remote to the computing system, and/orthe like.

System 100 might further comprise one or more conference bridges 155a-155 n (optional; collectively, “conference bridges 155” or the like),one or more logging systems 160 a (optional), and one or more artificialintelligence (“AI”) systems 165 (optional), each of which may bedisposed within calling system or telephone conference system or voicenetwork 125. System 100 might further comprise one or more loggingsystems 160 b (optional) that may be disposed external to calling systemor telephone conference system or voice network 125, in some cases,disposed within a first network 130 a, or the like. In some instances,the computing system 145 a and/or 145 b might include, but is notlimited to, at least one of a call server, a network switch, a networkhub, a network node, a voice communications system, a videocommunications system, a multimedia communications system, or ateleconferencing system, and/or the like.

System 100 might further comprise one or more user devices 170associated with corresponding one or more account owners or accountmanagers 175, one or more call centers 180 (or call centerrepresentatives or user devices associated with or used by call centerrepresentatives) (optional), and one or more law enforcement facilities185 (or law enforcement representatives or user devices associated withor used by law enforcement representatives) (optional), or the like.Herein, although some components of system 100 are indicated as beingoptional while others are not, this is merely for the particularembodiment as shown, and, in other embodiments, one or more of theformer set of components (or components indicated as being “optional”)may be required while one or more of the latter set of components (orcomponents not indicated as being “optional”) may in fact be optional.

In operation, computing system 145 a, computing system 145 b, web server140, or a monitoring system (such as monitoring system or web server 335of FIG. 3, or the like) (collectively, “computing system” or the like)might receive, from a first user device (e.g., calling device(s) 105, orthe like) associated with an originating party (e.g., originating party110, or the like), a request to access a first account of the callingsystem 125. The computing system might receive, from the first userdevice, an access code. The computing system might determine whether thereceived access code is valid for the first account of the callingsystem. Based on a determination that the received access code is valid,the computing system might determine whether the first user deviceassociated with the originating party is located in a foreign country(i.e., location 190, or the like; e.g., a country external to thecountry in which the calling system is primarily located or in which acore of the calling system is located, or the like). Based on adetermination that the first user device associated with the originatingparty is located in a foreign country, the computing system mightdetermine whether a database (e.g., database(s) 150 a and/or database(s)150 b, and/or the like) contains a configurable flag indicating thatinternational access is not allowed for the first account. Based on adetermination that the database contains a configurable flag indicatingthat international access is not allowed for the first account, thecomputing system might initiate one or more first actions. Based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount or that the database contains a configurable flag indicatingthat international access is allowed for the first account, thecomputing system might provide the first user device with access to thefirst account of the calling system 125. Based on a determination thatthe received access code is not valid, the computing system might blockaccess to the first account of the calling system by the first userdevice.

In some embodiments, based on a determination that the received accesscode is valid, based on a determination that the database does notcontain a configurable flag indicating that international access is notallowed for the first account, and based on a determination that thedatabase does not already contain a configurable flag indicating thatinternational access is allowed for the first account, the computingsystem might add a configurable flag indicating that internationalaccess is allowed for the first account. In some cases, receiving therequest to access the first account of the calling system might comprisereceiving, from the first user device associated with the originatingparty via an application programming interface (“API”) 135, a request toaccess the first account of the calling system 125. In some instances,receiving the request to access the first account of the calling systemmight comprise receiving, from the first user device associated with theoriginating party via a web service 140, a request to access the firstaccount of the calling system 125.

According to some embodiments, the computing system might receive, froma user device of a chairperson associated with the first account via oneof an API 135 or an interactive voice response (“IVR”) system (notshown), commands to modify configuration settings associated with thefirst account of the calling system 125. In some cases, theconfiguration settings might include, without limitation, one of:permitting all international access; denying all international access;permitting international access when the chairperson is logged into thefirst account; or sending a prompt to the chairperson requesting whetheror not to permit international access when the chairperson is not loggedinto the first account; and/or the like.

In some embodiments, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account might include, without limitation, one of:querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an API, a web service todetermine whether the database contains a configurable flag indicatingthat international access is not allowed for the first account.According to some embodiments, initiating the one or more first actionsmight include, but is not limited to, one of: blocking access to thefirst account of the calling system by the first user device; promptingthe first user device to enter a valid access code until a number ofattempts exceeds an allowed number, simulating failed access code entry;based on a determination that a chairperson associated with the firstaccount is logged into the first account, providing the first userdevice with access to the first account of the calling system; or basedon a determination that a chairperson associated with the first accountis logged into the first account, sending a prompt to the chairpersonrequesting whether or not to permit the first user device to access thefirst account; and/or the like. By simulating failed access code entry,the originating party(ies) 110 might assume that the access code theyentered was invalid rather than because the account or conference bridgedoes not allow foreign access. From the perspective of the originatingparty(ies) 110, the particular account does not exist, and theoriginating party(ies) 110 (who is still connected to a front endrouting system (“CCRS”)) is free to attempt inputting another accesscode for a valid account, until the number of attempts exceeds anallowed number.

After providing the first user device with access to the first accountof the calling system 125, the first user device would be given theoption to request establishment of a call session with a destinationparty (e.g., destination party 120, or the like). In response, thecomputing system might initiate a call session with the destinationparty, the request comprising user information associated with theoriginating party and a destination number associated with thedestination party; might query a database (e.g., database(s) 150 a or150 b, or the like) with session data to access permission data andconfiguration data, the session data comprising the user information;might receive the permission data and the configuration data from thedatabase; and might configure fraud logic using the receivedconfiguration data. The computing system might analyze the receivedsession data and the received permission data using the configured fraudlogic to determine whether the originating party is permitted toestablish the requested call session with the destination party; basedon a determination that the originating party is permitted to establishthe requested call session with the destination party, might initiateone or more second actions; and, based on a determination that theoriginating party is not permitted to establish the requested callsession with the destination party, might initiate one or more thirdactions.

In some embodiments, the call session might include, without limitation,at least one of a voice call session, a video call session, ateleconferencing call session, a video conferencing call session, or amultimedia call session, and/or the like. In some instances, the userinformation associated with the originating party might include, but isnot limited to, at least one of a username, a user identifier, anaccount identifier, an origination number, a password, a passcode, asession code, a personal identification number (“PIN”) code, a leadercode, geographic location information, or Internet protocol (“IP”)address, and/or the like, each associated with at least one of theoriginating party or a user account of a calling system (e.g., thecalling system 125, or the like). In some cases, receiving the requestto initiate the call session with the destination party might comprisereceiving, with the computing system and from the first user deviceassociated with the originating party via the API (e.g., API 135, or thelike), the request to initiate the call session with the destinationparty. Alternatively, or additionally, receiving the request to initiatethe call session with the destination party might comprise receiving,with the computing system and from the first user device 105 associatedwith the originating party via a web service (e.g., using web server140, or the like), the request to initiate the call session with thedestination party.

According to some embodiments, determining whether the originating partyis permitted to establish the requested call session with thedestination party might comprise at least one of: determining based onthe permission data whether the originating party has a history of atleast one of fraudulent use or unauthorized use of the calling system;determining based on the permission data whether the originating partyis blocked at a company level from establishing a dial out to thedestination party; determining based on the permission data whether theoriginating party is blocked at an account level from establishing adial out to the destination party; or determining based on thepermission data whether a dial out to the destination party isexplicitly allowed for a specific user account of the originating party;and/or the like.

In some embodiments, determining based on the permission data whetherthe originating party has a history of at least one of fraudulent use orunauthorized use of the calling system might comprise at least one of:determining whether the originating party has a history of excessivedialing for a single account; determining whether the originating partyhas a history of excessive dialing across multiple accounts; determiningwhether the originating party has a history of initiating denial ofservice (“DoS”) type activities; determining whether a user account ofthe calling system that is used by the originating party to send therequest to initiate the call session has a history of excessive dialingfor a single account; determining whether the user account of thecalling system that is used by the originating party to send the requestto initiate the call session has a history of excessive dialing acrossmultiple accounts; determining whether the user account of the callingsystem that is used by the originating party to send the request toinitiate the call session has a history of initiating DOS typeactivities; determining whether a personal identification number (“PIN”)or leader code associated with the user account of the calling systemhas been incorrectly entered more than a predetermined number of times(e.g., 5 times or 6 times, or the like; which is likely indicative of“PIN scanning” by an offending party trying to guess at the PIN orleader code after having already identified a valid account, or thelike); determining whether an origination telephone number associatedwith the originating party does not match a telephone number associatedwith an account owner associated with the user account of the callingsystem; or determining whether the originating party is calling from alocation that is different from geographic location associated with theaccount owner; and/or the like.

In some cases, determining based on the permission data whether theoriginating party has a history of at least one of fraudulent use orunauthorized use of the calling system might alternatively oradditionally comprise at least one of: determining whether theoriginating party is attempting to hide its identity or to hide directcommunications by the originating party; determining whether theoriginating party is attempting to bypass long distance charges;determining whether the originating party is using the calling system asa bulk call generator; determining whether the originating party isusing the calling system as an originator of robocalls; determiningwhether the originating party is using the calling system as part of adenial of service (“DoS”) attack; determining whether a number ofout-dials from a single user account of the calling system exceeds apredetermined threshold number of calls within a predetermined period;determining whether the originating party is calling from a locationthat has a known propensity for initiating fraudulent calls; determiningwhether the originating party is located in a foreign country;determining whether the destination party is located in a foreigncountry; or utilizing at least one of an artificial intelligence (“AI”)system or a machine learning system to determine whether the callsession requested by the originating party constitutes at least one offraudulent use or unauthorized use of the calling system; and/or thelike. Any or all of these determinations may result in the call beingflagged for further investigation by the computing system or by aperson(s) alerted by the computing system. For example, if the number oftimes of dial-out or call-out exceeds a threshold amount (e.g., 20 timesin one day, for instance, although not limited to such an amount), thesystem might flag the activity for further investigation by thecomputing system or by the person(s) alerted by the computing system. Amore sensitive threshold amount may be set for activity that is focusedon a single destination number or single destination party, or the like.

According to some embodiments, initiating the one or more second actionsmight include, but is not limited to, at least one of: sending a messageto the first user device indicating that the call session between theoriginating party and the destination party is allowed; establishing thecall session between the first user device associated with theoriginating party and a second user device associated with thedestination party; or sending instructions to a call connection systemto establish the call session between the first user device associatedwith the originating party and the second user device associated withthe destination party; and/or the like.

In some embodiments, initiating the one or more third actions mightinclude, without limitation, at least one of: sending a message to thefirst user device indicating that the call session between theoriginating party and the destination party is denied; denying the callsession from being established between the first user device associatedwith the originating party and a second user device associated with thedestination party; blocking initiation of the call session between thefirst user device associated with the originating party and the seconduser device associated with the destination party; sending instructionsto a call connection system to deny or block initiation of the callsession between the first user device associated with the originatingparty and the second user device associated with the destination party;temporarily blocking a network trunk; escalating disablement of anetwork trunk; permanently blocking a network trunk; temporarilyblocking a user account with the calling system; escalating disablementof a user account with the calling system; permanently blocking a useraccount with the calling system; blocking one or more features of a useraccount with the calling system; changing routing of the call session toroute through specialized equipment for monitoring or recording the callsession; changing routing of the call session to route to a call center;changing routing of the call session to route to a law enforcementfacility; changing routing of the call session to route to a messageservice; changing routing of the call session to route to an interactivevoice response (“IVR”) system; changing routing of the call session toterminate the call session; sending an alert regarding the call sessionto at least one of a user account owner, a user account manager, a callcenter representative, or a law enforcement representative; sending ane-mail message regarding the call session to at least one of a useraccount owner, a user account manager, a call center representative, ora law enforcement representative; sending a short message service(“SMS”) message regarding the call session to at least one of a useraccount owner, a user account manager, a call center representative, ora law enforcement representative; sending a text message regarding thecall session to at least one of a user account owner, a user accountmanager, a call center representative, or a law enforcementrepresentative; initiating a telephone call regarding the call sessionto at least one of a user account owner, a user account manager, a callcenter representative, or a law enforcement representative; or logginginformation regarding the call session to a log file or a databasesystem.

These fraud monitoring and detection functionalities that areimplemented after providing the first user with access to the firstaccount of the calling system 125 is similar, if not identical, to thefunctionalities as described in detail below with respect to FIG. 3 andin the '712 and '945 applications.

These and other functions of the system 100 (and its components) aredescribed in greater detail below with respect to FIGS. 2-4.

FIG. 2 is a schematic flow diagram illustrating a method 200 forimplementing prevention of foreign initiated fraudulent or unauthorizeduse of calling service, in accordance with various embodiments.

With reference to the non-limiting embodiment of FIG. 2, at block 205, acomputing system (e.g., computing system 145 a or 145 b of FIG. 1, orthe like) or a calling system (e.g., calling system 125 of FIG. 1, orthe like) (collectively, “computing system”) might receive a call,initiated by an originating device (e.g., calling device(s) 105 of FIG.1, or the like) associated with an originating party (e.g., originatingparty(ies) 110 of FIG. 1, or the like), requesting access to aconferencing bridge (e.g., conferencing bridge 155 a-155 n of FIG. 1, orthe like). At block 210, the computing system might collect or receivean access code from the originating device. At block 215, the computingsystem might determine whether the access code is valid. If so, theprocess might continue onto block 235. If not, the process mightcontinue onto block 220. At block 220, the computing system mightincrement a failed attempt counter. At block 225, the computing systemmight determine whether the failed attempt counter exceeds an allowednumber of attempts (e.g., 3 attempts, 5 attempts, etc.). If so, theprocess might continue onto block 230. If not, the process might returnto block 210. At block 230, the computing system might end or disconnectthe call connection.

At block 235, the computing system might determine whether the calloriginates from a foreign country. If so, the process might continueonto block 240 a or block 240 b. If not, the process might continue ontoblock 255. At block 240 a, the computing system might check a databasefor a configuration flag “allowing foreign access.” Alternatively, atblock 240 b, the computing system might access a web service or webserver using an application programming interface (“API”) to check for aconfiguration flag “allowing foreign access.” At block 245, thecomputing system might determine whether the configuration flag ispresent in the database. If so, the process might continue onto block255. If not, the process might continue onto optional block 250 (ifapplicable) or might return to block 220 (if optional block 250 is notapplicable). At optional block 250, the computing system 250 mightdetermine whether the chairperson associated with the conferencingbridge is present. If so, the process might continue onto block 255. Ifnot, the process might return to block 220. At block 255, the computingsystem might provide the originating device with access to theconferencing bridge.

FIG. 3 is a schematic diagram illustrating a non-limiting example 300 ofuse of a trunking bridge for a telephone conference system or voicenetwork for which prevention of foreign initiated fraudulent orunauthorized use of calling service may be implemented, in accordancewith various embodiments.

Although FIG. 3 depicts a telephone conference configuration, thevarious embodiments are not so limited and the use of the trunkingbridge (as shown in FIG. 3) may be applicable to any suitable telephoneconference configuration examples or any call configuration (including,but not limited to, voice communications configuration videocommunications configuration, multimedia communications configuration,teleconferencing system configuration, and/or the like), or the like.

In the non-limiting embodiment of FIG. 3, an example 300 of aconfiguration for monitoring telephone conferencing might comprise asingle calling device 305 (each including, but not limited to, at leastone of a telephone 305 a, a smart phone 305 b, a mobile phone 305 c, atablet computer (not shown), a laptop computer (not shown), a wearabledevice (not shown), or the like) that is associated with or used by acorresponding call-in party 310 to initiate, or participate in, aconference call using telephone conference system or voice network 325via one or more networks 330 (similar to network(s) 130 of FIG. 1, orthe like). As indicated above, the various embodiments of the telephoneconference monitoring are not limited to a telephone conferenceconfiguration in which a single calling device 305 or single call-inparty 310 calling into the telephone conference system or voice network325, and may be applicable to more than one calling device 305 orcall-in party 310 calling into the telephone conference system or voicenetwork 325. The single call-in party 310 (in this case, call-in party310 a) might also call-out from the telephone conference system or voicenetwork 325, via network(s) 330, to one or more called devices 315 (eachincluding, but not limited to, at least one of a telephone 315 a, asmart phone 315 b, a mobile phone 315 c, a tablet computer (not shown),a laptop computer (not shown), a wearable device (not shown), or thelike) that are associated with or used by corresponding one or moredestination parties 320 a-320 c (collectively, “destination parties 320”or the like). In particular, the single call-in party 310 a might dialinto or call into a conference bridge 365 provided by the telephoneconference system or voice network 325 using a corresponding callingdevice 305, while also calling out to each called device 315 associatedwith or used by each corresponding destination party 320 a-320 c.

Compared with the configurations as shown in FIG. 1, a monitoring systemor web server 335 might be disposed between each calling device 305 orcalled device 315 and the conference bridge 365 or telephone conferencesystem or voice network 325. Specifically, a trunking bridge 360 of themonitoring system or web server 335 might be disposed between eachcalling device 305 or called device 315 and the conference bridge 365 ortelephone conference system or voice network 325, where all incomingcalls to the conference bridge 365 or telephone conference system orvoice network 325 are first received by the trunking bridge 360, whichthen relays the incoming calls to the conference bridge 365 or telephoneconference system or voice network 325, and where all outgoing callsfrom the conference bridge 365 or telephone conference system or voicenetwork 325 are first received by the trunking bridge 360, which thenrelays the outgoing calls to the called devices 315 associate with orused by each destination party 320 a-320 c (as depicted in FIG. 3 by thearrow pointing from the calling device 315 of call-in party 310 a to thetrunking bridge 360 of monitoring system or web server 335 throughnetwork(s) 330 (and in some cases, via an application programminginterface (“API”) 375 (optional)), and the arrows pointing from thetrunking bridge 360 through network(s) 330 to each called device 315,with a double-headed arrow pointing between the trunking bridge 360 andthe conference bridge 365). In some embodiments, the trunking bridge 360might include, without limitation, one of a public switched telephonenetwork (“PSTN”) trunking bridge, an integrated services digital network(“ISDN) trunking bridge, a voice over Internet protocol (“VoIP”)trunking bridge, or a session initiation protocol (“SIP”) trunkingbridge, and/or the like.

According to some embodiments, the monitoring system or web server 335might further comprise computing system 340 and correspondingdatabase(s) 345, one or more logging systems 350 (optional), one or moreartificial intelligence (“AI”) systems 355 (optional), and aninteractive voice response (“IVR”) system 370 (optional), or the like,in addition to the trunking bridge 360. Herein, although some componentsof monitoring system or web server 335 are indicated as being optionalwhile others are not, this is merely for the particular embodiment asshown, and, in other embodiments, one or more of the former set ofcomponents (or components indicated as being “optional”) may be requiredwhile one or more of the latter set of components (or components notindicated as being “optional”) may in fact be optional.

The computing system 340 (in some cases, in conjunction with use of theAI systems 355) might monitor the call activities of the call-in party310 a and the destination parties 320 a-320 c using the telephoneconference system or voice network 325 by monitoring the network(s) 330and tracking call connections through the trunking bridge 360 betweencalling device 305 associated with corresponding call-in party 310 a andthe conference bridge 365 and between the conference bridge 365 and eachcalled device 315 associated with corresponding destination party 320a-320 c. The call activity monitored by the computing system 340 throughthe trunking bridge 360 either might be stored in database(s) 345 and/ormight be logged by logging system(s) 350. In some cases, actionsinitiated by computing system 340, in response to determining thatfraudulent or unauthorized use of the telephone conference system orvoice network 325 has been detected, might include routing one or moreoffending parties 310 or 320 to IVR system 370 to obtain additionalinformation regarding the offending parties and/or to confirm fraudulentor unauthorized use of the telephone conference system or voice network325 by the one or more offending parties.

Other actions initiated by computing system 340, in response todetermining that fraudulent or unauthorized use of the telephoneconference system or voice network 325 has been detected, might, but arenot limited to, at least one of temporarily blocking a network trunk;escalating disablement of a network trunk; permanently blocking anetwork trunk; temporarily blocking an account with the telephoneconferencing system; escalating disablement of an account with thetelephone conferencing system; permanently blocking an account with thetelephone conferencing system; blocking one or more features of anaccount with the telephone conferencing system; changing routing of thecall to route through specialized equipment for monitoring or recordingthe call; changing routing of the call to route to a call center;changing routing of the call to route to a law enforcement facility;changing routing of the call to route to a message service; changingrouting of the call to terminate the call; sending an alert regardingthe call to at least one of an account owner, an account manager, a callcenter representative, or a law enforcement representative; sending ane-mail message regarding the call to at least one of an account owner,an account manager, a call center representative, or a law enforcementrepresentative; sending a short message service (“SMS”) messageregarding the call to at least one of an account owner, an accountmanager, a call center representative, or a law enforcementrepresentative; sending a text message regarding the call to at leastone of an account owner, an account manager, a call centerrepresentative, or a law enforcement representative; initiating atelephone call regarding the call to at least one of an account owner,an account manager, a call center representative, or a law enforcementrepresentative; or logging information regarding the call to a log fileor a database system (e.g., database 345 and/or logging system(s) 350,or the like); and/or the like. The use of the trunking bridge 360 mayfacilitate monitoring call activity and/or initiation of the actionslisted above.

The calling device 305, the call-in party 310, the called devices 315,the destination parties 320, the telephone conference system or voicenetwork 325, the network(s) 330, the monitoring system or web server335, the computing system 340, the database(s) 345, the one or morelogging systems 350, the AI systems 355, the conference bridge 365, andthe API 375 of FIG. 3 are otherwise similar, if not identical, to thecalling devices 105, the originating parties 110, the called devices115, the destination parties 120, the telephone conference system orvoice network 125, the network(s) 130 a-130 n, the web server 140, thecomputing system 145 a or 145 b, the database(s) 150 a or 150 b, the oneor more logging systems 160 a or 160 b, and the AI systems 165, theconference bridges 155 a-155 n, and API 135 of FIG. 1, and thedescriptions of these components of the telephone conferenceconfigurations shown in FIG. 3 are applicable to the correspondingcomponents of system 100, respectively.

FIGS. 4A-4C (collectively, “FIG. 4”) are flow diagrams illustrating amethod 400 for implementing prevention of foreign initiated fraudulentor unauthorized use of calling service, in accordance with variousembodiments.

While the techniques and procedures are depicted and/or described in acertain order for purposes of illustration, it should be appreciatedthat certain procedures may be reordered and/or omitted within the scopeof various embodiments. Moreover, while the method 400 illustrated byFIG. 4 can be implemented by or with (and, in some cases, are describedbelow with respect to) the systems, examples, or embodiments 100, 200,and 300 of FIGS. 1, 2, and 3, respectively (or components thereof), suchmethods may also be implemented using any suitable hardware (orsoftware) implementation. Similarly, while each of the systems,examples, or embodiments 100, 200, and 300 of FIGS. 1, 2, and 3,respectively (or components thereof), can operate according to themethod 400 illustrated by FIG. 4 (e.g., by executing instructionsembodied on a computer readable medium), the systems, examples, orembodiments 100, 200, and 300 of FIGS. 1, 2, and 3 can each also operateaccording to other modes of operation and/or perform other suitableprocedures.

In the non-limiting embodiment of FIG. 4A, method 400, at block 405,might comprise receiving, with a computing system of a calling systemand from a first user device associated with an originating party, arequest to access a first account of the calling system. In someembodiments, the computing system might include, without limitation, atleast one of a call server, a network switch, a network hub, a networknode, a voice communications system, a video communications system, amultimedia communications system, or a teleconferencing system, and/orthe like.

At block 410, method 400 might comprise receiving, with the computingsystem and from the first user device, an access code. Method 400 mightcomprise, at block 415, determining, with the computing system, whetherthe received access code is valid for the first account of the callingsystem. If so, the process might continue onto block 430. If not, theprocess might continue onto block 420. At block 420, method 400 mightcomprise determining, with the computing system, whether the number ofattempts exceeds an allowed or threshold number. If so, the processmight continue onto block 425. If not, the process might return to block410. At block 425, method 400 might comprise denying the first userdevice from access to the first account of the calling system.

At block 430, method 400 might comprise determining, with the computingsystem, whether the first user device associated with the originatingparty is located in a foreign country. If so, the process might continueonto block 435. If not, the process might continue onto block 445. Atblock 435, method 400 might comprise, based on a determination that thefirst user device associated with the originating party is located in aforeign country, determining, with the computing system, whether adatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account. If so, the process mightcontinue onto block 440. If not, the process might continue onto block445. At block 440, method 400 might comprise, based on a determinationthat the database contains a configurable flag indicating thatinternational access is not allowed for the first account, initiatingone or more first actions.

At block 445, method 400 might comprise providing the first user devicewith access to the first account of the calling system. At optionalblock 450, method 400 might comprise, based on a determination that thereceived access code is valid, based on a determination that thedatabase does not contain a configurable flag indicating thatinternational access is not allowed for the first account, and based ona determination that the database does not already contain aconfigurable flag indicating that international access is allowed forthe first account, adding a configurable flag indicating thatinternational access is allowed for the first account. At optional block455, method 400 might comprise establishing a call session between thefirst user device associated with an originating party and a destinationdevice(s) associated with a destination party(ies).

Referring to FIG. 4B, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account (at block 435) might include, without limitation,one of: querying the database to determine whether the database containsa configurable flag indicating that international access is not allowedfor the first account (block 460); or accessing, using an applicationprogramming interface (“API”), a web service to determine whether thedatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account (block 465).

With reference to FIG. 4C, initiating the one or more first actions (atblock 440) might comprise at least one of: blocking access to the firstaccount of the calling system by the first user device (block 470);prompting the first user device to enter a valid access code until anumber of attempts exceeds an allowed number, simulating failed accesscode entry (block 475); determining whether a chairperson associatedwith the first account is logged into the first account (block 480).Based on a determination that a chairperson associated with the firstaccount is logged into the first account, initiating the one or morefirst actions might comprise at least one of: providing the first userdevice with access to the first account of the calling system (block485); or sending a prompt to the chairperson requesting whether or notto permit the first user device to access the first account (block 490);and/or the like. In some cases, sending a prompt to the chairpersonmight include, but is not limited to, sending at least one of an e-mailmessage, a short message service (“SMS”) message, a text message, or atelephone call to the chairperson requesting whether or not to permitthe first user device to access the first account. By simulating failedaccess code entry, the originating party might assume that the accesscode they entered was invalid rather than because the account orconference bridge does not allow foreign access. From the perspective ofthe originating party, the particular account does not exist, and theoriginating party (who is still connected to a front end routing system(“CCRS”)) is free to attempt inputting another access code for a validaccount, until the number of attempts exceeds an allowed number.

Exemplary System and Hardware Implementation

FIG. 5 is a block diagram illustrating an exemplary computer or systemhardware architecture, in accordance with various embodiments. FIG. 5provides a schematic illustration of one embodiment of a computer system500 of the service provider system hardware that can perform the methodsprovided by various other embodiments, as described herein, and/or canperform the functions of computer or hardware system (i.e., callingdevices 105 and 305, called devices 115 and 315, web servers 140 and335, computing systems 145 a, 145 b, and 340, logging systems 160 a, 160b, and 350, artificial intelligence (“AI”) systems 165 and 355, userdevices 170, and interactive voice response (“IVR”) system 370, etc.),as described above. It should be noted that FIG. 5 is meant only toprovide a generalized illustration of various components, of which oneor more (or none) of each may be utilized as appropriate. FIG. 5,therefore, broadly illustrates how individual system elements may beimplemented in a relatively separated or relatively more integratedmanner. The computer or hardware system 500—which might represent anembodiment of the computer or hardware system (i.e., calling devices 105and 305, called devices 115 and 315, web servers 140 and 335, computingsystems 145 a, 145 b, and 340, logging systems 160 a, 160 b, and 350, AIsystems 165 and 355, user devices 170, and IVR system 370, etc.),described above with respect to FIGS. 1-4—is shown comprising hardwareelements that can be electrically coupled via a bus 505 (or mayotherwise be in communication, as appropriate). The hardware elementsmay include one or more processors 510, including, without limitation,one or more general-purpose processors and/or one or morespecial-purpose processors (such as microprocessors, digital signalprocessing chips, graphics acceleration processors, and/or the like);one or more input devices 515, which can include, without limitation, amouse, a keyboard, and/or the like; and one or more output devices 520,which can include, without limitation, a display device, a printer,and/or the like.

The computer or hardware system 500 may further include (and/or be incommunication with) one or more storage devices 525, which can comprise,without limitation, local and/or network accessible storage, and/or caninclude, without limitation, a disk drive, a drive array, an opticalstorage device, solid-state storage device such as a random accessmemory (“RAM”) and/or a read-only memory (“ROM”), which can beprogrammable, flash-updateable, and/or the like. Such storage devicesmay be configured to implement any appropriate data stores, including,without limitation, various file systems, database structures, and/orthe like.

The computer or hardware system 500 might also include a communicationssubsystem 530, which can include, without limitation, a modem, a networkcard (wireless or wired), an infra-red communication device, a wirelesscommunication device and/or chipset (such as a Bluetooth™ device, an802.11 device, a WiFi device, a WiMax device, a WWAN device, cellularcommunication facilities, etc.), and/or the like. The communicationssubsystem 530 may permit data to be exchanged with a network (such asthe network described below, to name one example), with other computeror hardware systems, and/or with any other devices described herein. Inmany embodiments, the computer or hardware system 500 will furthercomprise a working memory 535, which can include a RAM or ROM device, asdescribed above.

The computer or hardware system 500 also may comprise software elements,shown as being currently located within the working memory 535,including an operating system 540, device drivers, executable libraries,and/or other code, such as one or more application programs 545, whichmay comprise computer programs provided by various embodiments(including, without limitation, hypervisors, VMs, and the like), and/ormay be designed to implement methods, and/or configure systems, providedby other embodiments, as described herein. Merely by way of example, oneor more procedures described with respect to the method(s) discussedabove might be implemented as code and/or instructions executable by acomputer (and/or a processor within a computer); in an aspect, then,such code and/or instructions can be used to configure and/or adapt ageneral purpose computer (or other device) to perform one or moreoperations in accordance with the described methods.

A set of these instructions and/or code might be encoded and/or storedon a non-transitory computer readable storage medium, such as thestorage device(s) 525 described above. In some cases, the storage mediummight be incorporated within a computer system, such as the system 500.In other embodiments, the storage medium might be separate from acomputer system (i.e., a removable medium, such as a compact disc,etc.), and/or provided in an installation package, such that the storagemedium can be used to program, configure, and/or adapt a general purposecomputer with the instructions/code stored thereon. These instructionsmight take the form of executable code, which is executable by thecomputer or hardware system 500 and/or might take the form of sourceand/or installable code, which, upon compilation and/or installation onthe computer or hardware system 500 (e.g., using any of a variety ofgenerally available compilers, installation programs,compression/decompression utilities, etc.) then takes the form ofexecutable code.

It will be apparent to those skilled in the art that substantialvariations may be made in accordance with specific requirements. Forexample, customized hardware (such as programmable logic controllers,field-programmable gate arrays, application-specific integratedcircuits, and/or the like) might also be used, and/or particularelements might be implemented in hardware, software (including portablesoftware, such as applets, etc.), or both. Further, connection to othercomputing devices such as network input/output devices may be employed.

As mentioned above, in one aspect, some embodiments may employ acomputer or hardware system (such as the computer or hardware system500) to perform methods in accordance with various embodiments of theinvention. According to a set of embodiments, some or all of theprocedures of such methods are performed by the computer or hardwaresystem 500 in response to processor 510 executing one or more sequencesof one or more instructions (which might be incorporated into theoperating system 540 and/or other code, such as an application program545) contained in the working memory 535. Such instructions may be readinto the working memory 535 from another computer readable medium, suchas one or more of the storage device(s) 525. Merely by way of example,execution of the sequences of instructions contained in the workingmemory 535 might cause the processor(s) 510 to perform one or moreprocedures of the methods described herein.

The terms “machine readable medium” and “computer readable medium,” asused herein, refer to any medium that participates in providing datathat causes a machine to operate in a specific fashion. In an embodimentimplemented using the computer or hardware system 500, various computerreadable media might be involved in providing instructions/code toprocessor(s) 510 for execution and/or might be used to store and/orcarry such instructions/code (e.g., as signals). In manyimplementations, a computer readable medium is a non-transitory,physical, and/or tangible storage medium. In some embodiments, acomputer readable medium may take many forms, including, but not limitedto, non-volatile media, volatile media, or the like. Non-volatile mediaincludes, for example, optical and/or magnetic disks, such as thestorage device(s) 525. Volatile media includes, without limitation,dynamic memory, such as the working memory 535. In some alternativeembodiments, a computer readable medium may take the form oftransmission media, which includes, without limitation, coaxial cables,copper wire, and fiber optics, including the wires that comprise the bus505, as well as the various components of the communication subsystem530 (and/or the media by which the communications subsystem 530 providescommunication with other devices). In an alternative set of embodiments,transmission media can also take the form of waves (including withoutlimitation radio, acoustic, and/or light waves, such as those generatedduring radio-wave and infra-red data communications).

Common forms of physical and/or tangible computer readable mediainclude, for example, a floppy disk, a flexible disk, a hard disk,magnetic tape, or any other magnetic medium, a CD-ROM, any other opticalmedium, punch cards, paper tape, any other physical medium with patternsof holes, a RAM, a PROM, and EPROM, a FLASH-EPROM, any other memory chipor cartridge, a carrier wave as described hereinafter, or any othermedium from which a computer can read instructions and/or code.

Various forms of computer readable media may be involved in carrying oneor more sequences of one or more instructions to the processor(s) 510for execution. Merely by way of example, the instructions may initiallybe carried on a magnetic disk and/or optical disc of a remote computer.A remote computer might load the instructions into its dynamic memoryand send the instructions as signals over a transmission medium to bereceived and/or executed by the computer or hardware system 500. Thesesignals, which might be in the form of electromagnetic signals, acousticsignals, optical signals, and/or the like, are all examples of carrierwaves on which instructions can be encoded, in accordance with variousembodiments of the invention.

The communications subsystem 530 (and/or components thereof) generallywill receive the signals, and the bus 505 then might carry the signals(and/or the data, instructions, etc. carried by the signals) to theworking memory 535, from which the processor(s) 505 retrieves andexecutes the instructions. The instructions received by the workingmemory 535 may optionally be stored on a storage device 525 eitherbefore or after execution by the processor(s) 510.

As noted above, a set of embodiments comprises methods and systems forimplementing monitoring, detection, and/or prevention of fraudulent orunauthorized use, and, more particularly, to methods, systems, andapparatuses for implementing prevention of foreign initiated fraudulentor unauthorized use of calling service. FIG. 6 illustrates a schematicdiagram of a system 600 that can be used in accordance with one set ofembodiments. The system 600 can include one or more user computers, userdevices, or customer devices 605. A user computer, user device, orcustomer device 605 can be a general purpose personal computer(including, merely by way of example, desktop computers, tabletcomputers, laptop computers, handheld computers, and the like, runningany appropriate operating system, several of which are available fromvendors such as Apple, Microsoft Corp., and the like), cloud computingdevices, a server(s), and/or a workstation computer(s) running any of avariety of commercially-available UNIX™ or UNIX-like operating systems.A user computer, user device, or customer device 605 can also have anyof a variety of applications, including one or more applicationsconfigured to perform methods provided by various embodiments (asdescribed above, for example), as well as one or more officeapplications, database client and/or server applications, and/or webbrowser applications. Alternatively, a user computer, user device, orcustomer device 605 can be any other electronic device, such as athin-client computer, Internet-enabled mobile telephone, and/or personaldigital assistant, capable of communicating via a network (e.g., thenetwork(s) 610 described below) and/or of displaying and navigating webpages or other types of electronic documents. Although the exemplarysystem 600 is shown with two user computers, user devices, or customerdevices 605, any number of user computers, user devices, or customerdevices can be supported.

Certain embodiments operate in a networked environment, which caninclude a network(s) 610. The network(s) 610 can be any type of networkfamiliar to those skilled in the art that can support datacommunications using any of a variety of commercially-available (and/orfree or proprietary) protocols, including, without limitation, TCP/IP,SNA™, IPX™, AppleTalk™, and the like. Merely by way of example, thenetwork(s) 610 (similar to network(s) 130 a-130 n and 330 FIGS. 1 and 3,or the like) can each include a local area network (“LAN”), including,without limitation, a fiber network, an Ethernet network, a Token-Ring™network, and/or the like; a wide-area network (“WAN”); a wireless widearea network (“WWAN”); a virtual network, such as a virtual privatenetwork (“VPN”); the Internet; an intranet; an extranet; a publicswitched telephone network (“PSTN”); an infra-red network; a wirelessnetwork, including, without limitation, a network operating under any ofthe IEEE 802.11 suite of protocols, the Bluetooth™ protocol known in theart, and/or any other wireless protocol; and/or any combination of theseand/or other networks. In a particular embodiment, the network mightinclude an access network of the service provider (e.g., an Internetservice provider (“ISP”)). In another embodiment, the network mightinclude a core network of the service provider, and/or the Internet.

Embodiments can also include one or more server computers 615. Each ofthe server computers 615 may be configured with an operating system,including, without limitation, any of those discussed above, as well asany commercially (or freely) available server operating systems. Each ofthe servers 615 may also be running one or more applications, which canbe configured to provide services to one or more clients 605 and/orother servers 615.

Merely by way of example, one of the servers 615 might be a data server,a web server, a cloud computing device(s), or the like, as describedabove. The data server might include (or be in communication with) a webserver, which can be used, merely by way of example, to process requestsfor web pages or other electronic documents from user computers 605. Theweb server can also run a variety of server applications, including HTTPservers, FTP servers, CGI servers, database servers, Java servers, andthe like. In some embodiments of the invention, the web server may beconfigured to serve web pages that can be operated within a web browseron one or more of the user computers 605 to perform methods of theinvention.

The server computers 615, in some embodiments, might include one or moreapplication servers, which can be configured with one or moreapplications accessible by a client running on one or more of the clientcomputers 605 and/or other servers 615. Merely by way of example, theserver(s) 615 can be one or more general purpose computers capable ofexecuting programs or scripts in response to the user computers 605and/or other servers 615, including, without limitation, webapplications (which might, in some cases, be configured to performmethods provided by various embodiments). Merely by way of example, aweb application can be implemented as one or more scripts or programswritten in any suitable programming language, such as Java™, C, C#™ orC++, and/or any scripting language, such as Perl, Python, or TCL, aswell as combinations of any programming and/or scripting languages. Theapplication server(s) can also include database servers, including,without limitation, those commercially available from Oracle™,Microsoft™, Sybase™, IBM™, and the like, which can process requests fromclients (including, depending on the configuration, dedicated databaseclients, API clients, web browsers, etc.) running on a user computer,user device, or customer device 605 and/or another server 615. In someembodiments, an application server can perform one or more of theprocesses for implementing monitoring, detection, and/or prevention offraudulent or unauthorized use, and, more particularly, to methods,systems, and apparatuses for implementing prevention of foreigninitiated fraudulent or unauthorized use of calling service, asdescribed in detail above. Data provided by an application server may beformatted as one or more web pages (comprising HTML, JavaScript, etc.,for example) and/or may be forwarded to a user computer 605 via a webserver (as described above, for example). Similarly, a web server mightreceive web page requests and/or input data from a user computer 605and/or forward the web page requests and/or input data to an applicationserver. In some cases, a web server may be integrated with anapplication server.

In accordance with further embodiments, one or more servers 615 canfunction as a file server and/or can include one or more of the files(e.g., application code, data files, etc.) necessary to implementvarious disclosed methods, incorporated by an application running on auser computer 605 and/or another server 615. Alternatively, as thoseskilled in the art will appreciate, a file server can include allnecessary files, allowing such an application to be invoked remotely bya user computer, user device, or customer device 605 and/or server 615.

It should be noted that the functions described with respect to variousservers herein (e.g., application server, database server, web server,file server, etc.) can be performed by a single server and/or aplurality of specialized servers, depending on implementation-specificneeds and parameters.

In certain embodiments, the system can include one or more databases 620a-620 n (collectively, “databases 620”). The location of each of thedatabases 620 is discretionary: merely by way of example, a database 620a might reside on a storage medium local to (and/or resident in) aserver 615 a (and/or a user computer, user device, or customer device605). Alternatively, a database 620 n can be remote from any or all ofthe computers 605, 615, so long as it can be in communication (e.g., viathe network 610) with one or more of these. In a particular set ofembodiments, a database 620 can reside in a storage-area network (“SAN”)familiar to those skilled in the art. (Likewise, any necessary files forperforming the functions attributed to the computers 605, 615 can bestored locally on the respective computer and/or remotely, asappropriate.) In one set of embodiments, the database 620 can be arelational database, such as an Oracle database, that is adapted tostore, update, and retrieve data in response to SQL-formatted commands.The database might be controlled and/or maintained by a database server,as described above, for example.

According to some embodiments, system 600 might further comprise acalling device(s) 625 (similar to calling devices 105 and 305 of FIGS. 1and 3, or the like) associated with each of one or more correspondingoriginating parties 630 (similar to originating parties 110 or 310 ofFIGS. 1 and 3, or the like) and a called device(s) 635 (similar tocalled devices 115 and 315 of FIGS. 1 and 3, or the like) associatedwith each of one or more corresponding destination parties 640 (similarto destination parties 120 and 320 of FIGS. 1 and 3, or the like).System 600 might further comprise calling system 645 (similar to callingsystem or telephone conference system or voice networks 125 and 325 ofFIGS. 1 and 3, or the like), computing system 650 a and correspondingdatabase(s) 655 a (similar to computing systems 145 a and 340 andcorresponding database(s) 150 a and 345 of FIGS. 1 and 3, or the like),computing system 650 b and corresponding database(s) 655 b (similar tocomputing system 145 b and 340 and corresponding database(s) 150 b and345 of FIG. 1, or the like). Computing system 650 a and correspondingdatabase(s) 655 a might be disposed external to calling system ortelephone conference system or voice network 645, while computing system650 b and corresponding database(s) 655 b might be disposed withincalling system or telephone conference system or voice network 645.System 600 might further comprise one or more conference bridges 660a-660 n (similar to conference bridges 155 a-155 n and 365 of FIGS. 1and 3, or the like), one or more logging systems 665 a (optional;similar to logging systems 160 a and 350 of FIGS. 1 and 3, or the like),and one or more artificial intelligence (“AI”) systems 670 (optional;similar to AI systems 165 and 355 of FIGS. 1 and 3, or the like), eachof which may be disposed within calling system or telephone conferencesystem or voice network 645. System 600 might further comprise one ormore logging systems 665 b (optional; similar to logging systems 160 band 350 of FIGS. 1 and 3, or the like) that may be disposed external tocalling system or telephone conference system or voice network 645.

In operation, computing system 650 a, computing system 650 b, web server680, or a monitoring system (such as monitoring system or web server 335of FIG. 3, or the like) (collectively, “computing system” or the like)might receive, from a first user device (e.g., calling device(s) 625, orthe like) associated with an originating party (e.g., originating party630, or the like), a request to access a first account of the callingsystem 645. The computing system might receive, from the first userdevice, an access code. The computing system might determine whether thereceived access code is valid for the first account of the callingsystem. Based on a determination that the received access code is valid,the computing system might determine whether the first user deviceassociated with the originating party is located in a foreign country(i.e., location 690, or the like). Based on a determination that thefirst user device associated with the originating party is located in aforeign country, the computing system might determine whether a database(e.g., database(s) 655 a and/or database(s) 655 b, and/or the like)contains a configurable flag indicating that international access is notallowed for the first account. Based on a determination that thedatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account, the computing system mightinitiate one or more first actions. Based on a determination that thedatabase does not contain a configurable flag indicating thatinternational access is not allowed for the first account or that thedatabase contains a configurable flag indicating that internationalaccess is allowed for the first account, the computing system mightprovide the first user device with access to the first account of thecalling system 645.

In some embodiments, based on a determination that the received accesscode is valid, based on a determination that the database does notcontain a configurable flag indicating that international access is notallowed for the first account, and based on a determination that thedatabase does not already contain a configurable flag indicating thatinternational access is allowed for the first account, the computingsystem might add a configurable flag indicating that internationalaccess is allowed for the first account. In some cases, receiving therequest to access the first account of the calling system might comprisereceiving, from the first user device associated with the originatingparty via an application programming interface (“API”) 675, a request toaccess the first account of the calling system 645. In some instances,receiving the request to access the first account of the calling systemmight comprise receiving, from the first user device associated with theoriginating party via a web service 680, a request to access the firstaccount of the calling system 645.

According to some embodiments, the computing system might receive, froma user device of a chairperson associated with the first account via oneof an API 675 or an interactive voice response (“IVR”) system (notshown), commands to modify configuration settings associated with thefirst account of the calling system 645. In some cases, theconfiguration settings might include, without limitation, one of:permitting all international access; denying all international access;permitting international access when the chairperson is logged into thefirst account; or sending a prompt to the chairperson requesting whetheror not to permit international access when the chairperson is not loggedinto the first account; and/or the like.

In some embodiments, determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account might include, without limitation, one of:querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an API, a web service todetermine whether the database contains a configurable flag indicatingthat international access is not allowed for the first account.According to some embodiments, initiating the one or more first actionsmight include, but is not limited to, one of: blocking access to thefirst account of the calling system by the first user device; promptingthe first user device to enter a valid access code until a number ofattempts exceeds an allowed number, simulating failed access code entry;based on a determination that a chairperson associated with the firstaccount is logged into the first account, providing the first userdevice with access to the first account of the calling system; or basedon a determination that a chairperson associated with the first accountis logged into the first account, sending a prompt to the chairpersonrequesting whether or not to permit the first user device to access thefirst account; and/or the like.

After providing the first user device with access to the first accountof the calling system 645, the first user device would be given theoption to request establishment of a call session with a destinationparty (e.g., destination party 640, or the like). In response, thecomputing system might initiate a call session with the destinationparty, the request comprising user information associated with theoriginating party and a destination number associated with thedestination party; might query a database (e.g., database(s) 655 a or655 b, or the like) with session data to access permission data andconfiguration data, the session data comprising the user information;might receive the permission data and the configuration data from thedatabase; and might configure fraud logic using the receivedconfiguration data. The computing system might analyze the receivedsession data and the received permission data using the configured fraudlogic to determine whether the originating party is permitted toestablish the requested call session with the destination party; basedon a determination that the originating party is permitted to establishthe requested call session with the destination party, might initiateone or more second actions; and, based on a determination that theoriginating party is not permitted to establish the requested callsession with the destination party, might initiate one or more thirdactions.

In some embodiments, the call session might include, without limitation,at least one of a voice call session, a video call session, ateleconferencing call session, a video conferencing call session, or amultimedia call session, and/or the like. In some instances, the userinformation associated with the originating party might include, but isnot limited to, at least one of a username, a user identifier, anaccount identifier, an origination number, a password, a passcode, asession code, a personal identification number (“PIN”) code, a leadercode, geographic location information, or Internet protocol (“IP”)address, and/or the like, each associated with at least one of theoriginating party or a user account of a calling system (e.g., thecalling system 645, or the like). In some cases, receiving the requestto initiate the call session with the destination party might comprisereceiving, with the computing system and from the first user deviceassociated with the originating party via the API (e.g., API 675, or thelike), the request to initiate the call session with the destinationparty. Alternatively, or additionally, receiving the request to initiatethe call session with the destination party might comprise receiving,with the computing system and from the first user device 605 a or 605 bassociated with the originating party via a web service (e.g., using webserver 680, or the like), the request to initiate the call session withthe destination party.

According to some embodiments, determining whether the originating partyis permitted to establish the requested call session with thedestination party might comprise at least one of: determining based onthe permission data whether the originating party has a history of atleast one of fraudulent use or unauthorized use of the calling system;determining based on the permission data whether the originating partyis blocked at a company level from establishing a dial out to thedestination party; determining based on the permission data whether theoriginating party is blocked at an account level from establishing adial out to the destination party; or determining based on thepermission data whether a dial out to the destination party isexplicitly allowed for a specific user account of the originating party;and/or the like.

In some embodiments, determining based on the permission data whetherthe originating party has a history of at least one of fraudulent use orunauthorized use of the calling system might comprise at least one of:determining whether the originating party has a history of excessivedialing for a single account; determining whether the originating partyhas a history of excessive dialing across multiple accounts; determiningwhether the originating party has a history of initiating denial ofservice (“DoS”) type activities; determining whether a user account ofthe calling system that is used by the originating party to send therequest to initiate the call session has a history of excessive dialingfor a single account; determining whether the user account of thecalling system that is used by the originating party to send the requestto initiate the call session has a history of excessive dialing acrossmultiple accounts; determining whether the user account of the callingsystem that is used by the originating party to send the request toinitiate the call session has a history of initiating DOS typeactivities; determining whether a personal identification number (“PIN”)or leader code associated with the user account of the calling systemhas been incorrectly entered more than a predetermined number of times(e.g., 5 times or 6 times, or the like; which is likely indicative of“PIN scanning” by an offending party trying to guess at the PIN orleader code after having already identified a valid account, or thelike); determining whether an origination telephone number associatedwith the originating party does not match a telephone number associatedwith an account owner associated with the user account of the callingsystem; or determining whether the originating party is calling from alocation that is different from geographic location associated with theaccount owner; and/or the like.

In some cases, determining based on the permission data whether theoriginating party has a history of at least one of fraudulent use orunauthorized use of the calling system might alternatively oradditionally comprise at least one of: determining whether theoriginating party is attempting to hide its identity or to hide directcommunications by the originating party; determining whether theoriginating party is attempting to bypass long distance charges;determining whether the originating party is using the calling system asa bulk call generator; determining whether the originating party isusing the calling system as an originator of robocalls; determiningwhether the originating party is using the calling system as part of adenial of service (“DoS”) attack; determining whether a number ofout-dials from a single user account of the calling system exceeds apredetermined threshold number of calls within a predetermined period;determining whether the originating party is calling from a locationthat has a known propensity for initiating fraudulent calls; determiningwhether the originating party is located in a foreign country;determining whether the destination party is located in a foreigncountry; or utilizing at least one of an artificial intelligence (“AI”)system or a machine learning system to determine whether the callsession requested by the originating party constitutes at least one offraudulent use or unauthorized use of the calling system; and/or thelike. Any or all of these determinations may result in the call beingflagged for further investigation by the computing system or by aperson(s) alerted by the computing system. For example, if the number oftimes of dial-out or call-out exceeds a threshold amount (e.g., 20 timesin one day, for instance, although not limited to such an amount), thesystem might flag the activity for further investigation by thecomputing system or by the person(s) alerted by the computing system. Amore sensitive threshold amount may be set for activity that is focusedon a single destination number or single destination party, or the like.

According to some embodiments, initiating the one or more second actionsmight include, but is not limited to, at least one of: sending a messageto the first user device indicating that the call session between theoriginating party and the destination party is allowed; establishing thecall session between the first user device associated with theoriginating party and a second user device associated with thedestination party; or sending instructions to a call connection systemto establish the call session between the first user device associatedwith the originating party and the second user device associated withthe destination party; and/or the like.

In some embodiments, initiating the one or more third actions mightinclude, without limitation, at least one of: sending a message to thefirst user device indicating that the call session between theoriginating party and the destination party is denied; denying the callsession from being established between the first user device associatedwith the originating party and a second user device associated with thedestination party; blocking initiation of the call session between thefirst user device associated with the originating party and the seconduser device associated with the destination party; sending instructionsto a call connection system to deny or block initiation of the callsession between the first user device associated with the originatingparty and the second user device associated with the destination party;temporarily blocking a network trunk; escalating disablement of anetwork trunk; permanently blocking a network trunk; temporarilyblocking a user account with the calling system; escalating disablementof a user account with the calling system; permanently blocking a useraccount with the calling system; blocking one or more features of a useraccount with the calling system; changing routing of the call session toroute through specialized equipment for monitoring or recording the callsession; changing routing of the call session to route to a call center;changing routing of the call session to route to a law enforcementfacility; changing routing of the call session to route to a messageservice; changing routing of the call session to route to an interactivevoice response (“IVR”) system; changing routing of the call session toterminate the call session; sending an alert regarding the call sessionto at least one of a user account owner, a user account manager, a callcenter representative, or a law enforcement representative; sending ane-mail message regarding the call session to at least one of a useraccount owner, a user account manager, a call center representative, ora law enforcement representative; sending a short message service(“SMS”) message regarding the call session to at least one of a useraccount owner, a user account manager, a call center representative, ora law enforcement representative; sending a text message regarding thecall session to at least one of a user account owner, a user accountmanager, a call center representative, or a law enforcementrepresentative; initiating a telephone call regarding the call sessionto at least one of a user account owner, a user account manager, a callcenter representative, or a law enforcement representative; or logginginformation regarding the call session to a log file or a databasesystem.

These and other functions of the system 600 (and its components) aredescribed in greater detail above with respect to FIGS. 1-4.

While certain features and aspects have been described with respect toexemplary embodiments, one skilled in the art will recognize thatnumerous modifications are possible. For example, the methods andprocesses described herein may be implemented using hardware components,software components, and/or any combination thereof. Further, whilevarious methods and processes described herein may be described withrespect to particular structural and/or functional components for easeof description, methods provided by various embodiments are not limitedto any particular structural and/or functional architecture but insteadcan be implemented on any suitable hardware, firmware and/or softwareconfiguration. Similarly, while certain functionality is ascribed tocertain system components, unless the context dictates otherwise, thisfunctionality can be distributed among various other system componentsin accordance with the several embodiments.

Moreover, while the procedures of the methods and processes describedherein are described in a particular order for ease of description,unless the context dictates otherwise, various procedures may bereordered, added, and/or omitted in accordance with various embodiments.Moreover, the procedures described with respect to one method or processmay be incorporated within other described methods or processes;likewise, system components described according to a particularstructural architecture and/or with respect to one system may beorganized in alternative structural architectures and/or incorporatedwithin other described systems. Hence, while various embodiments aredescribed with—or without—certain features for ease of description andto illustrate exemplary aspects of those embodiments, the variouscomponents and/or features described herein with respect to a particularembodiment can be substituted, added and/or subtracted from among otherdescribed embodiments, unless the context dictates otherwise.Consequently, although several exemplary embodiments are describedabove, it will be appreciated that the invention is intended to coverall modifications and equivalents within the scope of the followingclaims.

What is claimed is:
 1. A method, comprising: receiving, with a computingsystem of a calling system and from a first user device associated withan originating party, a request to access a first account of the callingsystem; determining, with the computing system, whether the first userdevice associated with the originating party is located in a foreigncountry; based on a determination that the first user device associatedwith the originating party is located in a foreign country, determining,with the computing system, whether a database contains a configurableflag indicating that international access is not allowed for the firstaccount; based on a determination that the database contains aconfigurable flag indicating that international access is not allowedfor the first account, initiating one or more first actions; based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount or that the database contains a configurable flag indicatingthat international access is allowed for the first account, providingthe first user device with access to the first account of the callingsystem.
 2. The method of claim 1, wherein the computing system comprisesat least one of a call server, a network switch, a network hub, anetwork node, a voice communications system, a video communicationssystem, a multimedia communications system, or a teleconferencingsystem.
 3. The method of claim 1, wherein the database is at least oneof communicatively coupled to the computing system, communicativelycoupled to the calling system, located local to the computing system, orlocated remote to the computing system.
 4. The method of claim 1,further comprising: based on a determination that the database does notcontain a configurable flag indicating that international access is notallowed for the first account, and based on a determination that thedatabase does not already contain a configurable flag indicating thatinternational access is allowed for the first account, adding aconfigurable flag indicating that international access is allowed forthe first account.
 5. The method of claim 1, wherein receiving therequest to access the first account of the calling system comprisesreceiving, with the computing system of the calling system and from thefirst user device associated with the originating party via anapplication programming interface (“API”), a request to access the firstaccount of the calling system.
 6. The method of claim 1, whereinreceiving the request to access the first account of the calling systemcomprises receiving, with the computing system of the calling system andfrom the first user device associated with the originating party via aweb service, a request to access the first account of the callingsystem.
 7. The method of claim 1, further comprising: receiving, withthe computing system and from a user device of a chairperson associatedwith the first account via one of an application programming interface(“API”) or an interactive voice response (“IVR”) system, commands tomodify configuration settings associated with the first account of thecalling system.
 8. The method of claim 7, wherein the configurationsettings comprises one of: permitting all international access; denyingall international access; permitting international access when thechairperson is logged into the first account; or sending a prompt to thechairperson requesting whether or not to permit international accesswhen the chairperson is not logged into the first account.
 9. The methodof claim 1, wherein determining whether a database contains aconfigurable flag indicating that international access is not allowedfor the first account comprises one of: querying, with the computingsystem, the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, with the computing system and usingan application programming interface (“API”), a web service to determinewhether the database contains a configurable flag indicating thatinternational access is not allowed for the first account.
 10. Themethod of claim 1, wherein initiating the one or more first actionscomprises one of: blocking access to the first account of the callingsystem by the first user device; prompting the first user device toenter a valid access code until a number of attempts exceeds an allowednumber, simulating failed access code entry; based on a determinationthat a chairperson associated with the first account is logged into thefirst account, providing the first user device with access to the firstaccount of the calling system; or based on a determination that achairperson associated with the first account is logged into the firstaccount, sending a prompt to the chairperson requesting whether or notto permit the first user device to access the first account.
 11. Anapparatus, comprising: at least one processor; and a non-transitorycomputer readable medium communicatively coupled to the at least oneprocessor, the non-transitory computer readable medium having storedthereon computer software comprising a set of instructions that, whenexecuted by the at least one processor, causes the apparatus to:receive, from a first user device associated with an originating party,a request to access a first account of the calling system; determinewhether the first user device associated with the originating party islocated in a foreign country; based on a determination that the firstuser device associated with the originating party is located in aforeign country, determine whether a database contains a configurableflag indicating that international access is not allowed for the firstaccount; based on a determination that the database contains aconfigurable flag indicating that international access is not allowedfor the first account, initiate one or more first actions; based on adetermination that the database does not contain a configurable flagindicating that international access is not allowed for the firstaccount or that the database contains a configurable flag indicatingthat international access is allowed for the first account, provide thefirst user device with access to the first account of the callingsystem.
 12. The apparatus of claim 11, wherein initiating the one ormore first actions comprises one of: blocking access to the firstaccount of the calling system by the first user device; prompting thefirst user device to enter a valid access code until a number ofattempts exceeds an allowed number, simulating failed access code entry;based on a determination that a chairperson associated with the firstaccount is logged into the first account, providing the first userdevice with access to the first account of the calling system; or basedon a determination that a chairperson associated with the first accountis logged into the first account, sending a prompt to the chairpersonrequesting whether or not to permit the first user device to access thefirst account.
 13. A system, comprising: a computing system of a callingsystem, comprising: at least one first processor; and a firstnon-transitory computer readable medium communicatively coupled to theat least one first processor, the first non-transitory computer readablemedium having stored thereon computer software comprising a first set ofinstructions that, when executed by the at least one first processor,causes the computing system to: receive, from a first user deviceassociated with an originating party, a request to access a firstaccount of the calling system; determine whether the first user deviceassociated with the originating party is located in a foreign country;based on a determination that the first user device associated with theoriginating party is located in a foreign country, determine whether adatabase contains a configurable flag indicating that internationalaccess is not allowed for the first account; based on a determinationthat the database contains a configurable flag indicating thatinternational access is not allowed for the first account, initiate oneor more first actions; based on a determination that the database doesnot contain a configurable flag indicating that international access isnot allowed for the first account or that the database contains aconfigurable flag indicating that international access is allowed forthe first account, provide the first user device with access to thefirst account of the calling system.
 14. The system of claim 13, whereinthe computing system comprises at least one of a call server, a networkswitch, a network hub, a network node, a voice communications system, avideo communications system, a multimedia communications system, or ateleconferencing system.
 15. The system of claim 13, wherein thedatabase is at least one of communicatively coupled to the computingsystem, communicatively coupled to the calling system, located local tothe computing system, or located remote to the computing system.
 16. Thesystem of claim 13, wherein the first set of instructions, when executedby the at least one first processor, further causes the computing systemto: based on a determination that the database does not contain aconfigurable flag indicating that international access is not allowedfor the first account, and based on a determination that the databasedoes not already contain a configurable flag indicating thatinternational access is allowed for the first account, add aconfigurable flag indicating that international access is allowed forthe first account.
 17. The system of claim 13, wherein determiningwhether a database contains a configurable flag indicating thatinternational access is not allowed for the first account comprises oneof: querying the database to determine whether the database contains aconfigurable flag indicating that international access is not allowedfor the first account; or accessing, using an application programminginterface (“API”), a web service to determine whether the databasecontains a configurable flag indicating that international access is notallowed for the first account.
 18. The system of claim 13, whereininitiating the one or more first actions comprises one of: blockingaccess to the first account of the calling system by the first userdevice; prompting the first user device to enter a valid access codeuntil a number of attempts exceeds an allowed number, simulating failedaccess code entry; based on a determination that a chairpersonassociated with the first account is logged into the first account,providing the first user device with access to the first account of thecalling system; or based on a determination that a chairpersonassociated with the first account is logged into the first account,sending a prompt to the chairperson requesting whether or not to permitthe first user device to access the first account.